LISP conditions and role-based security models
Something ocurred to me last night, as I was drifting off to sleep. You could implement a full security mechanism in Lisp using just the condition system. While some macros would be handy for simplicity, you could easily implement it without. Once I get moved, I want to spend some time figuring out the way to do this, but I think that simply defining a proper set of conditions, and then using SIGNAL to bring them into the right frame would work.
More thinking ahead.
This entry was posted at 11:50 pm on 6 August 2005 and is filed under Lisp, Security. You can follow any responses to this entry through the post-specific RSS 2.0 feed.
Actually this would work totally differently. Basically, when you get to a specific point where you need to make a decision, you raise a signal and “something” above you in the call stack can make the decision of whether to proceed or abort—without unwinding the call stack.
You could certainly do it trivially in Lisp with :before functions.
It gets a lot better than that. See…
Responses are currently closed, but you can trackback from your own site.
Just, you know, if you wanted to make it more relevent, I think PEAK’s generic functions might provide the same thing. That is, you can monkey-patch any function to be generic, then specialize it with functions that provide security constraints (and call next_method). Anyway, I think that’s kind of what you are talking about here.